TWI407751B - System and method for verifying the identity of web site users - Google Patents

System and method for verifying the identity of web site users Download PDF

Info

Publication number
TWI407751B
TWI407751B TW98109847A TW98109847A TWI407751B TW I407751 B TWI407751 B TW I407751B TW 98109847 A TW98109847 A TW 98109847A TW 98109847 A TW98109847 A TW 98109847A TW I407751 B TWI407751 B TW I407751B
Authority
TW
Taiwan
Prior art keywords
authentication
user
website
platform
client device
Prior art date
Application number
TW98109847A
Other languages
Chinese (zh)
Other versions
TW201036397A (en
Inventor
Ching Chuan Kuo
Stevenson Huang
Chun Chang Chen
Chia Hui Lin
Jen Yuan Ni
Shao I Lu
Ying Tsung Lee
Original Assignee
Chunghwa Telecom Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chunghwa Telecom Co Ltd filed Critical Chunghwa Telecom Co Ltd
Priority to TW98109847A priority Critical patent/TWI407751B/en
Publication of TW201036397A publication Critical patent/TW201036397A/en
Application granted granted Critical
Publication of TWI407751B publication Critical patent/TWI407751B/en

Links

Abstract

A system and method for verifying the identity of a web site user is proposed, comprising linking a user end apparatus with a network service platform via a network system and notifying an authentication platform to verify the identity of the user; requesting the user end apparatus to input an verification code for being decoded by the authentication platform for user ID verification; transmitting the verification result to the network service platform, thereby avoiding the inconvenience of using different sets of account numbers and passwords for authentication purposes and further providing a classification mechanism that categorizes users to obtain differing levels or types of network services based on the preset verification codes.

Description

網站使用者身分認證系統與方法Website user identity authentication system and method

本發明係關於一種網站使用者身分認證系統與方法,更詳而言之,係一種利用加密的帳號資料與識別碼來進行身分認證之網站使用者身分認證系統與方法。The present invention relates to a website user identity authentication system and method, and more particularly to a website user identity authentication system and method for performing identity authentication using encrypted account data and identification code.

網路使用越來越大眾化,隨著網路的蓬勃發展,網路的建構及擴展已漸漸地改變人類的行為模式。舉例來說,由於網路相當的普及,使大部分的使用者透過網路搜集資料、瀏覽知識、購買商品、工作、討論問題與交朋友。因此,各式各樣的網路服務平台出現於網路上,藉由與各種不同的網路社群進行互動,使得人類的行為更方便、更快速且更科技。The use of the Internet is becoming more and more popular. With the rapid development of the Internet, the construction and expansion of the Internet has gradually changed the behavior patterns of human beings. For example, due to the popularity of the Internet, most users collect information, browse knowledge, purchase goods, work, discuss issues and make friends through the Internet. As a result, a wide variety of web services platforms appear on the web, making human behavior more convenient, faster, and more technological by interacting with a variety of different online communities.

一般來說,使用者登入網路服務平台,必須先註冊使用者帳號並設定密碼,當使用者具有多數網路服務平台的帳號與密碼時,記憶大量的帳號與密碼常對使用者造成困擾。若使用者設定相同的帳號與密碼,一但資料外洩(例如遭駭客盜取帳號或詐騙網站竊取個人資料),非法之用戶即可輕易地以該帳號與密碼登入網路,假冒使用者身分在網路上進行商業行為,交友或發表言論,使真正使用者造成極大損害。In general, users who log in to the web service platform must first register the user account and set a password. When the user has the account and password of most network service platforms, remembering a large number of accounts and passwords often causes problems for the user. If the user sets the same account number and password, once the data is leaked (for example, the hacker steals the account or the fraudulent website steals the personal data), the illegal user can easily log in to the network with the account and password, and impersonate the user. The identity of doing business on the Internet, making friends or making speeches, causing great damage to real users.

目前針對帳號與密碼自動輸入的技術有Cookie或寫入註冊機碼,然而此類的技術仍然有帳號與密碼被盜取的可能性。且使用者除了登入網站時需輸入帳號密碼外,於執行網路交易、付費等較重要的動作時,尚須額外輸入其他認證密碼。如此繁複的動作,不但讓使用者連結網站的意願降低,也連帶影響網站的營運。At present, the technology for automatically inputting accounts and passwords has a cookie or a registered machine code. However, such technology still has the possibility that the account and password are stolen. In addition to entering the account password, the user has to enter additional authentication passwords when performing more important actions such as online transactions and payment. Such complicated actions not only reduce the user's willingness to link to the website, but also affect the operation of the website.

另一方面,基於方便性與成本上的考量,多人共用同一網站的使用者帳號已經是一種趨勢,然而一般網站所提供的服務內容無法對同一使用者帳號作功能上或使用權限的限制,造成管理上的不便。例如影音服務網站無法針對同一使用者帳號作影音內容分級,因此家庭中的未成年子女只要取得父母的使用者帳號密碼即可任意瀏覽下載限制級的影音資料,因此對於父母管理使用者帳號密碼時的不便利性。On the other hand, based on convenience and cost considerations, it is a trend for multiple users to share user accounts of the same website. However, the service content provided by the general website cannot be restricted by functions or usage rights of the same user account. Causes management inconvenience. For example, the audio and video service website cannot classify audio and video content for the same user account. Therefore, the minor children in the family can browse and download the video and audio data of the restricted level as long as they obtain the password of the parent user account. Therefore, when the parent manages the user account password, Inconvenience.

然而,上述習知技術存在以下的問題:However, the above conventional techniques have the following problems:

(1)安全性不足。網路服務平台的業者所建構的身分認證機制通常僅利用繁複的帳號與密碼來增加資料被盜取的難度,然而駭客藉由不斷的嘗試後仍有可能找出破解的方法,因此會影響網路服務平台的安全性。(1) Insufficient security. The identity authentication mechanism built by the operators of the Internet service platform usually only uses complicated accounts and passwords to increase the difficulty of data theft. However, after continuous trial, the hacker may still find the method of cracking, which will affect The security of the web service platform.

(2)便利性不足。使用者於登入特定網站時,需輸入該特定網站的帳號密碼。然而當使用者具有多數網站的帳號密碼或同一網站具有多種帳號密碼時,如何找出對應該網站的帳號密碼藉以登入該特定網站係使用者所面臨的一大難題,因此也造成使用上的不便利。(2) Insufficient convenience. When a user logs in to a particular website, he or she needs to enter the account password for that particular website. However, when the user has the account password of most websites or the multiple passwords of the same website, how to find out the password of the account corresponding to the website is a major problem faced by the user of the particular website, and thus the use is not convenient.

(3)使用者無法有效管理網站服務的內容。於多人共用同一使用者帳號時,網路服務平台不具備服務內容分級或分類的機制,因此無法對使用者的權限或網站服務內容作管理與限制。(3) The user cannot effectively manage the content of the website service. When multiple users share the same user account, the network service platform does not have a mechanism for classifying or classifying the service content, and thus cannot manage or restrict the user's rights or website service content.

綜上所述,如何能提供一種可解決上述習知技術缺點的網站使用者身分認證系統與方法,遂成為目前亟待解決的課題。In summary, how to provide a website user identity authentication system and method that can solve the above-mentioned shortcomings of the prior art has become an urgent problem to be solved.

為解決前述習知技術之缺失,本發明提供一種網站使用者身分認證系統,係應用於網路系統中,該網站使用者身分認證系統包括:用戶端裝置;網路服務平台,係透過該網路系統連結該用戶端裝置,以提供網路服務內容予該用戶端裝置;以及認證平台,係透過該網路系統連結該用戶端裝置與該網路服務平台,以於該用戶端裝置登入至該網路服務平台時,由該認證平台對該用戶端裝置進行登入認證,其中,該用戶端裝置包括:用戶端輸入介面,用以提供使用者輸入帳號資料,以將該帳號資料傳予該認證平台進行初始認證,並於通過初始認證後提供該使用者輸入識別碼;資料加密模組,用以將該使用者輸入的帳號資料與識別碼形成加密檔並儲存於該用戶端裝置;公開資訊介面,用以於該用戶端裝置登入至該網路服務平台而由該認證平台進行登入認證時,提供該用戶端之公開資訊予該認證平台,以由該認證平台透過預設之規則計算出識別參數;伺服端存取介面,用以提供該認證平台輸入該識別參數以使該認證平台由該用戶端裝置擷取該加密檔,俾該認證平台將該加密檔解密並取出該帳號資料以確認該使用者的身份;以及用戶端存取介面,用以於該用戶端裝置請求該網路服務平台提供特定服務時,提供該使用者輸入該識別碼,於該識別碼確認無誤後將該加密檔傳予該認證平台進行解密以對該使用者進行身份確認。To solve the above-mentioned shortcomings of the prior art, the present invention provides a website user identity authentication system, which is applied to a network system. The website user identity authentication system includes: a client device; and a network service platform is through the network. The network system connects the client device to provide network service content to the client device; and the authentication platform connects the client device and the network service platform through the network system, so that the client device logs in to the In the network service platform, the authentication device performs login authentication on the client device, wherein the client device includes: a user input interface, configured to provide a user input account data, to transmit the account data to the The authentication platform performs initial authentication, and provides the user input identification code after initial authentication; the data encryption module is configured to form an encrypted file of the account data and the identification code input by the user and store the encrypted file in the user device; The information interface is used when the client device logs in to the network service platform and is authenticated by the authentication platform. Providing the public information of the client to the authentication platform, so that the authentication platform calculates the identification parameter through a preset rule; the server access interface is configured to provide the authentication platform to input the identification parameter to enable the authentication platform to be The client device retrieves the encrypted file, the authentication platform decrypts the encrypted file and retrieves the account data to confirm the identity of the user, and the client access interface is configured to request the network service from the client device. When the platform provides a specific service, the user is provided to input the identification code, and after the identification code is confirmed to be correct, the encrypted file is transmitted to the authentication platform for decryption to identify the user.

本發明又提供一種網站使用者身分認證方法,係應用於網路系統中,該網站使用者身分認證方法包括:(1)將帳號資料輸入用戶端裝置之用戶端輸入介面,以將該帳號資料傳予認證平台進行初始認證,並於通過初始認證後再輸入識別碼;(2)將所輸入的帳號資料與識別碼形成加密檔並儲存於用戶端裝置;(3)於該用戶端裝置登入至網路服務平台而由認證平台進行登入認證時,將該用戶端裝置之公開資訊傳予該認證平台,以由該認證平台透過預設之規則計算出識別參數;(4)將該識別參數輸入該用戶端裝置之伺服端存取介面以使該認證平台由該用戶端裝置擷取該加密檔,俾該認證平台將該加密檔解密並取出該帳號資料以確認該使用者的身份;以及(5)於該用戶端裝置請求該網路服務平台提供特定服務時,將該識別碼輸入該用戶端裝置之用戶端存取介面,於該識別碼確認無誤後對該加密檔解密以取出對應之帳號資料並傳予該認證平台進行確認或計算。The invention further provides a website user identity authentication method, which is applied to a network system, and the website user identity authentication method comprises: (1) inputting account data into a user input interface of the user device, to use the account data Pass the authentication platform to the initial authentication, and then input the identification code after the initial authentication; (2) form the encrypted account file and the identification code into the client device; (3) log in to the user device. When the login authentication is performed by the authentication platform to the network service platform, the public information of the client device is transmitted to the authentication platform, so that the authentication platform calculates the identification parameter through a preset rule; (4) the identification parameter Entering a server access interface of the client device to enable the authentication platform to retrieve the encrypted file by the client device, and the authentication platform decrypts the encrypted file and retrieves the account data to confirm the identity of the user; (5) when the client device requests the network service platform to provide a specific service, the identifier is input into the client access interface of the client device, After confirmation code to decrypt the encrypted file to extract the information corresponding to the account number and transmitted to the authentication confirmation or computing platform.

相較於習知的技術,本發明之網站使用者身分認證系統與方法解決了習知網站認證系統的缺點。本發明之網站使用者身分認證系統與方法應用一種安全認證平台,當用戶登入特定網站服務系統時,由此認證平台替代該網站服務系統對使用者進行身分認證。透過於用戶端先行對身分資料與識別碼進行加密以形成加密檔,待認證平台擷取加密檔進行解碼及比對後,即可完成身分認證動作。由於用戶身分資料須經加密及解密處理,其安全性自然比習知技術要高。網站服務業者也無需另外建構認證機制。且對於一般的使用者,也可將多種網路服務網站的帳號設定為相同的識別碼,提昇使用的便利性。駭客就算能取得使用者的資料檔,也無法對該資料檔進行解密。另外,使用者可針對同一網站的不同服務內容設定不同的識別碼,並將識別碼分別交給特定用戶。由於用戶僅能使用對應該識別碼的服務內容,因此具體實現單一帳號可進行服務內容分級與分類的功能。Compared with the prior art, the website user identity authentication system and method of the present invention solves the shortcomings of the conventional website authentication system. The website user identity authentication system and method of the present invention applies a security authentication platform. When a user logs in to a specific website service system, the authentication platform replaces the website service system to perform identity authentication for the user. The identity data and the identification code are encrypted firstly by the user to form an encrypted file. After the authentication platform captures the encrypted file for decoding and comparison, the identity authentication action can be completed. Since user identity data must be encrypted and decrypted, its security is naturally higher than that of the prior art. Website service providers do not need to construct an additional authentication mechanism. For general users, the accounts of various Internet service websites can also be set to the same identification code to improve the convenience of use. Even if the hacker can obtain the user's data file, the data file cannot be decrypted. In addition, the user can set different identification codes for different service contents of the same website, and hand the identification codes to specific users. Since the user can only use the service content corresponding to the identification code, the function of classifying and classifying the service content can be implemented by implementing a single account.

以下係藉由特定的具體實施例說明本發明之實施方式,熟悉此技術之人士可由本說明書所揭示之內容輕易地瞭解本發明之其他優點與功效。本發明亦可藉由其他不同的具體實施例加以施行或應用。The embodiments of the present invention are described below by way of specific embodiments, and those skilled in the art can readily appreciate the other advantages and advantages of the present invention. The invention may also be embodied or applied by other different embodiments.

請參閱第1圖,其係本發明之網站使用者身分認證系統的架構圖。如圖所示,本發明之網站使用者身分認證系統係應用於網路系統10,包括用戶端裝置11、網路服務平台12以及認證平台13。Please refer to FIG. 1 , which is a structural diagram of a website user identity authentication system of the present invention. As shown in the figure, the website user identity authentication system of the present invention is applied to the network system 10, including the client device 11, the network service platform 12, and the authentication platform 13.

網路系統10用以作為資料傳輸的媒介,其連結方式可例如為採用有線式之ADSL或FTTB之網路連結及/或採用無線式之網路連結。本發明之網路安全認證系統所採用之架構為網際網路,但並不因而限制本發明之範圍,也就是並不排除適用於如組織內網路系統、組織間網路系統、區域網路系統、廣域網路系統或虛擬私人網路系統等網路系統之可能性。The network system 10 is used as a medium for data transmission, and the connection method can be, for example, a network connection using a wired ADSL or FTTB and/or a wireless network connection. The architecture adopted by the network security authentication system of the present invention is an internet network, but does not limit the scope of the present invention, that is, it does not exclude application to, for example, an intra-network system, an inter-organizational network system, or a regional network. The possibility of a network system such as a system, a WAN system or a virtual private network system.

用戶端裝置11係為可存取資料並進行資料處理之電子設備,例如桌上型電腦、筆記型電腦、個人數位助理及/或行動電話。只要具有網路連線功能且具有資料處理與存取功能之設備均可作為此處之用戶端裝置11。The client device 11 is an electronic device that can access data and perform data processing, such as a desktop computer, a notebook computer, a personal digital assistant, and/or a mobile phone. Any device having a network connection function and having data processing and access functions can be used as the client device 11 herein.

網路服務平台12係提供使用者各種網路服務的網站或伺服器,例如多媒體訊息提供網站、拍賣網站、電信服務網站及/或金融服務網站。The web service platform 12 is a website or server that provides users with various web services, such as a multimedia message providing website, an auction website, a telecommunications service website, and/or a financial service website.

認證平台13係用以對連結該網路服務平台12之該用戶端裝置進行身分認證。The authentication platform 13 is configured to perform identity authentication on the client device that connects the network service platform 12.

於用戶端裝置11中設置用戶端輸入介面110、資料加密模組111、公開資訊介面112、伺服端存取介面113及用戶端存取介面114。The client input interface 110, the data encryption module 111, the public information interface 112, the server access interface 113, and the client access interface 114 are disposed in the client device 11.

本發明具體實施時,可包含三個認證階段。第一階段為初始認證,使用者藉由用戶端裝置11之用戶端輸入介面110輸入帳號資料,以將該帳號資料傳予認證平台13進行初始認證,於認證平台13比對無誤後即通過初始認證,再通知使用者輸入對應之識別碼。於使用者輸入帳號資料與識別碼時,資料加密模組111會將該些資料形成加密檔並儲存於該用戶端裝置11。When the invention is embodied, three authentication stages may be included. The first stage is the initial authentication. The user inputs the account data through the user input interface 110 of the client device 11 to transmit the account data to the authentication platform 13 for initial authentication. After the authentication platform 13 is correct, the user passes the initial authentication. After the authentication, the user is notified to input the corresponding identification code. When the user inputs the account data and the identification code, the data encryption module 111 forms the encrypted file and stores it in the client device 11.

第二階段為登入認證,當使用者欲登入網路服務平台12時,網路服務平台12會通知認證平台13對使用者進行登入認證。此時,認證平台13透過公開資訊介面112擷取儲存於用戶端裝置11之公開資訊,再透過預設之演算規則計算出特定之識別參數,接著,認證平台13透過伺服端存取介面114將該識別參數輸入以擷取該加密檔。最後,對該加密檔解密並取出該帳號資料進行比對,以確認該使用者的身份。若確認身份無誤,即可告知網路服務平台接受該使用者的登入。因此,於第二階段的認證中使用者無須進行任何操作,皆由認證平台13自動進行。The second stage is login authentication. When the user wants to log in to the network service platform 12, the network service platform 12 notifies the authentication platform 13 to perform login authentication for the user. At this time, the authentication platform 13 retrieves the public information stored in the client device 11 through the public information interface 112, and then calculates a specific identification parameter through a preset calculation rule. Then, the authentication platform 13 passes through the server access interface 114. The identification parameter is input to retrieve the encrypted file. Finally, the encrypted file is decrypted and the account data is retrieved for comparison to confirm the identity of the user. If you confirm your identity, you can tell the web service platform to accept the user's login. Therefore, the user does not need to perform any operations in the second stage of authentication, and is automatically performed by the authentication platform 13.

第三階段為識別碼認證,若使用者於該網路服務平台12欲請求特定的服務時(例如消費),必須用戶端存取介面114輸入識別碼,若用戶端裝置確認該識別碼輸入無誤,則將加密檔傳予該認證平台13進行解密以對使用者進行身份確認。例如於上述的消費動作,可由認證平台13將加密檔解密取出銀行帳號資料或信用卡資料,以將該些資料告知網路服務平台12進行扣款,亦或是由認證平台13進行扣款。The third stage is the identification code authentication. If the user wants to request a specific service (for example, consumption), the user access interface 114 must input the identification code. If the user equipment confirms that the identification code is input correctly. Then, the encrypted file is transmitted to the authentication platform 13 for decryption to confirm the identity of the user. For example, in the above-mentioned consumption action, the authentication platform 13 may decrypt the encrypted file to take out the bank account data or the credit card data, so as to inform the network service platform 12 of the deduction, or the debit payment by the authentication platform 13.

請參閱第2圖,其係本發明之網站使用者身分認證系統一具體實施例。其中,而認證平台23復包含連線單元230、應用管理單元231及資料庫單元232。Please refer to FIG. 2, which is a specific embodiment of the website user identity authentication system of the present invention. The authentication platform 23 further includes a connection unit 230, an application management unit 231, and a database unit 232.

連線單元230係透過該網路系統20與用戶端裝置21及網路服務平台22進行連結並傳遞資料。應用管理單元231係用以提供使用者進行註冊及各項帳號資料的設定與認證,以及擷取各項公開資訊、帳號資料、服務資料、識別碼或加密檔。通常用戶端裝置21及網路服務平台的資料可預先設定於認證平台23之資料庫單元232,當認證平台23取得用戶端裝置21所提供之身分資料加密檔時,資料庫單元232可將此加密檔解密以進行資料比對與認證。而資料庫單元232也儲存用戶端裝置21與網路服務平台22之各項帳號資料。其中,該帳號資料可為用戶端裝置21之身分資料、身分識別碼、消費密碼、親子鎖、該網路服務平台之帳號密碼及/或特定之網站服務內容。The connection unit 230 connects to the client device 21 and the network service platform 22 through the network system 20 and transmits the data. The application management unit 231 is configured to provide users with registration and setting and authentication of various account materials, and to retrieve various public information, account information, service materials, identification codes or encrypted files. Generally, the data of the client device 21 and the network service platform may be preset in the database unit 232 of the authentication platform 23. When the authentication platform 23 obtains the encrypted file of the identity data provided by the user device 21, the database unit 232 may The encrypted file is decrypted for data comparison and authentication. The database unit 232 also stores various account materials of the client device 21 and the network service platform 22. The account information may be the identity information of the client device 21, the identity identifier, the consumption password, the parent-child lock, the account password of the network service platform, and/or the specific website service content.

於本實施例,首先,用戶端裝置21將各種身分資料或帳號資料加密形成加密檔,接著,透過網路20連結該網路服務平台22請求登入,此時網路服務平台22主動與認證平台23之連線單元230連結並通知認證平台23對用戶端裝置21進行身分認證。認證平台23透過連線單元230主動與用戶端裝置21連線並利用應用管理單元231擷取其加密檔,以將加密檔解密取得用戶身分資料。再透過資料庫單元232比對身分資料以確認用戶端裝置21為合法用戶後,將認證結果傳回該網路服務平台22使該平台允許用戶端裝置21的登入並獲得使用授權。In this embodiment, first, the client device 21 encrypts various identity data or account data to form an encrypted file, and then connects to the network service platform 22 through the network 20 to request login. At this time, the network service platform 22 actively and the authentication platform. The connection unit 230 of 23 is connected and notifies the authentication platform 23 to perform identity authentication on the client device 21. The authentication platform 23 actively connects with the client device 21 through the connection unit 230 and retrieves the encrypted file by using the application management unit 231 to decrypt the encrypted file to obtain the user identity data. After the database unit 232 compares the identity data to confirm that the client device 21 is a legitimate user, the authentication result is transmitted back to the network service platform 22 to enable the platform to allow the user device 21 to log in and obtain the use authorization.

請再參閱第3圖,係本發明之網站使用者身分認證系統另一具體實施例。本實施例中包括用戶電腦31、影音服務網站32a、拍賣網站32b、金融服務網站32c以及透過乙太網路30連結之身分認證平台33。其中,用戶電腦31可為不同或相同的使用者所有,而除了上述網站種類僅為一範例說明,本發明可實施於各種不同種類的網站。Please refer to FIG. 3 again, which is another specific embodiment of the website user identity authentication system of the present invention. The embodiment includes a user computer 31, an audio-visual service website 32a, an auction website 32b, a financial service website 32c, and an identity authentication platform 33 connected via the Ethernet 30. The user computer 31 can be owned by different or the same users, and the present invention can be implemented in various kinds of websites in addition to the above-mentioned website types.

用戶電腦31中具有資料加密軟體,係用以將個別網站的帳號、密碼、識別碼及身分資料進行加密。當網站需要進行登入認證時,由第3圖之說明可知身分認證平台33即可自動完成所有認證動作。身分認證平台33包含網頁連線主機330、用戶資料管理主機331以及資料庫主機332,用以提供用戶電腦31進行連線、註冊、資料設定、資料擷取、身分認證及資料儲存。The user computer 31 has data encryption software for encrypting the account number, password, identification code and identity data of the individual websites. When the website needs to perform login authentication, it can be seen from the description of FIG. 3 that the identity authentication platform 33 can automatically complete all authentication actions. The identity authentication platform 33 includes a webpage connection host 330, a user profile management host 331, and a database host 332 for providing user computer 31 for connection, registration, data setting, data retrieval, identity authentication, and data storage.

具體實施時,須先進行初始認證。使用者於用戶電腦31設定身分資料與對應影音服務網站32a、拍賣網站32b及金融服務網站32c的帳號密碼,由身分認證平台33初始認證通過後再設定一組識別碼,用以代替網站的帳號密碼。用戶電腦31於儲存上述資料前必須先經加密動作,其目的是防止資料傳輸時遭駭客攔截,故藉由加密來提昇資料的安全性。完成加密並儲存後,即完成初始認證流程。For specific implementation, initial certification is required. The user sets the identity data and the account passwords of the corresponding audio-visual service website 32a, the auction website 32b, and the financial service website 32c on the user computer 31, and then sets a group of identification codes after the initial authentication by the identity authentication platform 33 to replace the account number of the website. password. The user computer 31 must perform an encryption operation before storing the above data. The purpose of the user computer 31 is to prevent the hacker from intercepting the data transmission, so the security of the data is enhanced by encryption. Once the encryption is complete and stored, the initial certification process is completed.

於登入認證流程,用戶電腦31可選擇透過乙太網路30登入影音服務網站32a,此時影音服務網站32a會主動與身分認證平台33連結並請求對用戶電腦31進行身分認證。身分認證平台33以用戶資料管理主機331透過用戶電腦31的介面擷取加密檔,並將該加密檔案解密以取得使用者設定流程中所設定之身分資料。接著使資料庫主機332將該身分資料進行比對或將身分資料傳回影音服務網站32a進行比對。當確認用戶電腦31為合法用戶後,身分認證平台33將認證結果傳回該影音服務網站32a使該網站允許用戶電腦31的登入並獲得使用影音服務的授權。During the login authentication process, the user computer 31 can choose to log in to the video service website 32a via the Ethernet 30. At this time, the video service website 32a actively connects with the identity authentication platform 33 and requests identity authentication for the user computer 31. The identity authentication platform 33 retrieves the encrypted file from the user data management host 331 through the interface of the user computer 31, and decrypts the encrypted file to obtain the identity data set in the user setting process. The database host 332 then compares the identity data or transmits the identity data back to the video service website 32a for comparison. When it is confirmed that the user computer 31 is a legitimate user, the identity authentication platform 33 transmits the authentication result back to the video service website 32a so that the website allows the user computer 31 to log in and obtain authorization to use the video service.

該用戶電腦31於影音服務網站32a進行付費時,將該識別碼輸入用戶電腦31之用戶端存取介面,於該識別碼確認無誤後將該加密檔傳予該身分認證平台33進行解密以對使用者進行身份確認,俾於確認無誤後執行扣款作業或將扣款帳號資料交由影音服務網站32a執行扣款。When the user computer 31 pays the video service website 32a, the identification code is input into the user access interface of the user computer 31, and after the identification code is confirmed, the encrypted file is transmitted to the identity authentication platform 33 for decryption. The user confirms the identity, performs the deduction operation after confirming the error, or hands over the debit account information to the video service website 32a to perform the deduction.

於一較佳實施例中,上述之用戶電腦31於初始認證流程中可設定一親子鎖,其中該親子鎖係一種對應該影音服務網站32a不同影音服務的認證識別碼。例如,影音服務網站32a提供多種不同種類的影片,由於限制級的影片並不適合未成年人觀賞,因此使用者可針對同一個影音服務網站32a的帳號,依據不同的服務內容設定不同的識別碼。親子鎖可設定限制使用者收看色情、暴力等影片,因此父母親可利用親子鎖的設定達成影片分級與管制的效果。In a preferred embodiment, the user computer 31 can set a parent-child lock in the initial authentication process, wherein the parent-child lock is a certificate identification code corresponding to different audio-visual services of the video service website 32a. For example, the video service website 32a provides a plurality of different types of videos. Since the restricted-level videos are not suitable for the minors to view, the user can set different identification codes according to different service contents for the account of the same audio-visual service website 32a. Parent-child locks can be set to restrict users from watching pornography, violence, etc., so parents can use the setting of parent-child lock to achieve the effect of film grading and control.

參閱第4圖,係本發明之網站使用者身分認證方法的流程圖。如圖所示,此網站使用者身分認證方法係應用於上述之網站使用者身分認證系統中,其包括以下的步驟。Referring to Figure 4, there is shown a flow chart of a method for authenticating a user identity of a website of the present invention. As shown in the figure, the website user identity authentication method is applied to the above-mentioned website user identity authentication system, which includes the following steps.

於步驟S40中,將帳號資料輸入用戶端裝置之用戶端輸入介面,以將該帳號資料傳予認證平台進行初始認證,並於通過初始認證後再輸入識別碼。用戶端裝置可為桌上型電腦、筆記型電腦、個人數位助理及/或行動電話。網路系統可為網際網路、組織內網路系統、組織間網路系統、區域網路系統、廣域網路系統及/或虛擬私人網路系統。接著進至步驟S41。In step S40, the account data is input into the user input interface of the client device, and the account data is transmitted to the authentication platform for initial authentication, and the identification code is input after the initial authentication. The client device can be a desktop computer, a notebook computer, a personal digital assistant, and/or a mobile phone. The network system can be an internet network, an intra-organizational network system, an inter-organizational network system, a regional network system, a wide area network system, and/or a virtual private network system. Then it proceeds to step S41.

於步驟S41中,將所輸入的帳號資料與識別碼形成加密檔並儲存於用戶端裝置。接著進至步驟S42。In step S41, the input account data and the identification code are formed into an encrypted file and stored in the client device. Then it proceeds to step S42.

於步驟S42中,於該用戶端裝置登入至網路服務平台而由認證平台進行登入認證時,將該用戶端裝置之公開資訊傳予該認證平台,以由該認證平台透過預設之規則計算出識別參數。網路服務平台可為拍賣網站、交友網站、影音服務網站、電信服務網站及/或金融服務網站等。接著進至步驟S43。In step S42, when the client device logs in to the network service platform and the login authentication is performed by the authentication platform, the public information of the client device is transmitted to the authentication platform, so that the authentication platform calculates the rule through the preset rule. Identify the parameters. The web service platform can be an auction website, a dating website, a video service website, a telecommunications service website, and/or a financial service website. Then it proceeds to step S43.

於步驟S43中,將該識別參數輸入該用戶端裝置之伺服端存取介面以使該認證平台由該用戶端裝置擷取該加密檔,俾該認證平台將該加密檔解密並取出該帳號資料以確認該使用者的身份。接著進至步驟S44。In step S43, the identification parameter is input to the server access interface of the client device, so that the authentication platform retrieves the encrypted file from the client device, and the authentication platform decrypts the encrypted file and retrieves the account data. To confirm the identity of the user. Then it proceeds to step S44.

於步驟S44中,於該用戶端裝置請求該網路服務平台提供特定服務時,將該識別碼輸入該用戶端裝置之用戶端存取介面,於該識別碼確認無誤後將該加密檔傳予該認證平台進行解密以對使用者進行身份確認。In step S44, when the client device requests the network service platform to provide a specific service, the identifier is input into the client access interface of the client device, and the encrypted file is transmitted to the identifier after the identifier is confirmed. The authentication platform decrypts to authenticate the user.

參閱第5圖,係本發明之網站使用者身分認證方法一具體實施例的流程圖。Referring to FIG. 5, it is a flowchart of a specific embodiment of a method for authenticating a user of a website of the present invention.

步驟S50中,使用者於初始認證時設定登入影音服務網站的識別碼、消費密碼、身份資料及限制特定內容之親子鎖。於較佳的實施例中,使用者可針對限制級的影音內容設定親子鎖。接著進至步驟S51。In step S50, the user sets the identification code, the consumption password, the identity data, and the parent-child lock that restricts the specific content at the initial authentication. In a preferred embodiment, the user can set a parent-child lock for the video content of the restricted level. Then it proceeds to step S51.

於步驟S51中,使用者進行帳號資料加密並將加密後之加密檔儲存於用戶端裝置。接著進至步驟S52。In step S51, the user encrypts the account data and stores the encrypted encrypted file in the client device. Then it proceeds to step S52.

於步驟S52中,使用者連結該影音服務網站。然而影音服務網站僅為一範例,本發明之方法可應用於不同種類的網路服務平台,例如拍賣網站、電信服務網站及/或金融服務網站。接著進至步驟S53。In step S52, the user connects to the video service website. However, the video service website is only an example, and the method of the present invention can be applied to different kinds of network service platforms, such as auction websites, telecommunication service websites, and/or financial service websites. Then it proceeds to step S53.

於步驟S53中,影音服務網站請求認證平台對使用者進行登入認證。接著進至步驟S54。In step S53, the video service website requests the authentication platform to perform login authentication for the user. Then it proceeds to step S54.

於步驟S54中,認證平台由用戶端裝置擷取加密檔。接著進至步驟S55。In step S54, the authentication platform retrieves the encrypted file from the client device. Then it proceeds to step S55.

於步驟S55中,認證平台將加密檔解密以取岀帳號資料並與儲存於資料庫之身份資料進行比對與驗證。接著進至步驟S56。In step S55, the authentication platform decrypts the encrypted file to retrieve the account data and compare and verify the identity data stored in the database. Then it proceeds to step S56.

於步驟S56中,通過驗證後,認證系統將認證結果傳給影音服務網站,完成使用者授權。使用者即可任意使用影音服務網站的內容。於一較佳實施例,使用者可預先設定付費資料(如金融卡帳號、信用卡號或轉帳帳號)並加密,接著設定一對應之付費密碼。當影音服務網站要求使用者付費時,透過本發明之認證平台,使用者只須輸入付費密碼,認證平台即可主動擷取付費加密資料檔並對其解密以獲得付費資料,並通知影音服務網站完成付費動作。In step S56, after passing the verification, the authentication system transmits the authentication result to the video service website to complete the user authorization. Users can use the content of the audio and video service website at will. In a preferred embodiment, the user can pre-set the payment data (such as a financial card account number, a credit card number, or a transfer account number) and encrypt it, and then set a corresponding paying password. When the video service website requires the user to pay, through the authentication platform of the present invention, the user only needs to input the payment password, and the authentication platform can actively retrieve the encrypted encrypted data file and decrypt it to obtain the paid data, and notify the video service website. Complete the payment action.

因此,透故上述實施例的說明可知本發明之網站使用者身分認證系統與方法能適用於不同的網路服務平台,並提供一種整合式的認證方法,確保使用者連結網路服務平台時的安全性及方便性,並提供使用者對於特定網站服務內容的限制與管理。Therefore, the description of the above embodiments shows that the website user identity authentication system and method of the present invention can be applied to different network service platforms, and provides an integrated authentication method to ensure that users connect to the network service platform. Security and convenience, and provide users with restrictions and management of the content of specific website services.

透過前述本發明之網站使用者身分認證系統與方法,可實現以下功效。Through the foregoing website user authentication system and method of the present invention, the following effects can be achieved.

(1)透過加密方式解決身分資料外洩時所產生的資訊安全風險。(1) Resolve the information security risks arising from the leakage of identity data through encryption.

(2)利用單一識別碼替代網站的帳號密碼以增加使用者進行身分認證時的便利性。(2) Replacing the account password of the website with a single identification code to increase the convenience of the user in performing identity authentication.

(3)針對不同網站服務內容設定不同的認證碼以便利使用者管理與限制特定網站服務內容。(3) Different authentication codes are set for different website service contents to facilitate user management and restriction of specific website service contents.

綜上所述,本發明之網站使用者身分認證系統與方法,提供一種能適用於不同網路服務平台之身分認證系統,能減少一般網路服務之用戶須記憶並輸入多種不同帳號密碼的不便利性,利用資料加解密的機制降低個人身分資料外洩所產生之資訊安全風險以及提供使用者針對特定網站服務內容作分級與管理。In summary, the website user identity authentication system and method of the present invention provide an identity authentication system that can be applied to different network service platforms, and can reduce the memory of a general network service and input and input a plurality of different account passwords. Convenience, the use of data encryption and decryption mechanisms to reduce the information security risks arising from the leakage of personal identity data and to provide users with the classification and management of specific website services.

上述實施例僅為例示性說明本發明之原理及其功效,而非用於限制本發明。任何熟習此項技術之人均可在不違背本發明之精神及範疇下,對上述實施例進行修飾與變化。The above embodiments are merely illustrative of the principles of the invention and its advantages, and are not intended to limit the invention. Modifications and variations of the above-described embodiments can be made by those skilled in the art without departing from the spirit and scope of the invention.

10...網路系統10. . . Network system

11...用戶端裝置11. . . Client device

110...用戶端輸入介面110. . . Client input interface

111...資料加密模組111. . . Data encryption module

112...公開資訊介面112. . . Public information interface

113...伺服端存取介面113. . . Servo access interface

114...用戶端存取介面114. . . Client access interface

12...網路服務平台12. . . Network service platform

13...認證平台13. . . Certification platform

20...網路系統20. . . Network system

21...用戶端裝置twenty one. . . Client device

22...網路服務平台twenty two. . . Network service platform

23...認證平台twenty three. . . Certification platform

230...連線單元230. . . Connection unit

231...應用管理單元231. . . Application management unit

232...資料庫單元232. . . Database unit

30...乙太網路30. . . Ethernet

31...用戶電腦31. . . User computer

32a...影音服務網站32a. . . Video service website

32b...拍賣網站32b. . . Auction site

32c...金融服務網站32c. . . Financial services website

33...身分認證平台33. . . Identity certification platform

330...網頁連線主機330. . . Web connection host

331...用戶資料管理主機331. . . User data management host

332...資料庫主機332. . . Database host

S40~S44...步驟S40~S44. . . step

S50~S56...步驟S50~S56. . . step

第1圖為本發明之網站使用者身分認證系統之架構圖;1 is an architectural diagram of a website user identity authentication system of the present invention;

第2圖為本發明之網站使用者身分認證系統一具體實施例之架構圖;2 is an architectural diagram of a specific embodiment of a website user identity authentication system of the present invention;

第3圖為本發明之網站使用者身分認證系統另一具體實施例之架構圖;3 is an architectural diagram of another embodiment of a website user identity authentication system of the present invention;

第4圖為本發明之網站使用者身分認證方法的流程圖;以及4 is a flow chart of a method for authenticating a website user identity according to the present invention;

第5圖為本發明之網站使用者身分認證方法一具體實施例的流程圖。FIG. 5 is a flow chart of a specific embodiment of a method for authenticating a website user identity according to the present invention.

10...網路系統10. . . Network system

11...用戶端裝置11. . . Client device

110...用戶端輸入介面110. . . Client input interface

111...資料加密模組111. . . Data encryption module

112...公開資訊介面112. . . Public information interface

113...伺服端存取介面113. . . Servo access interface

114...用戶端存取介面114. . . Client access interface

12...網路服務平台12. . . Network service platform

13...認證平台13. . . Certification platform

Claims (14)

一種網站使用者身分認證系統,係應用於網路系統中,該網站使用者身分認證系統包括:用戶端裝置;網路服務平台,係透過該網路系統連結該用戶端裝置,以提供網路服務內容予該用戶端裝置;以及認證平台,係透過該網路系統連結該用戶端裝置與該網路服務平台,以於該用戶端裝置登入至該網路服務平台時,由該認證平台對該用戶端裝置進行登入認證,其中,該用戶端裝置包括:用戶端輸入介面,用以提供使用者輸入帳號資料,以將該帳號資料傳予該認證平台進行初始認證,並於通過初始認證後提供該使用者輸入識別碼;資料加密模組,用以將該使用者輸入的帳號資料與識別碼形成加密檔並儲存於該用戶端裝置;公開資訊介面,用以於該用戶端裝置登入至該網路服務平台而由該認證平台進行登入認證時,提供該用戶端之公開資訊予該認證平台,以由該認證平台透過預設之規則計算出識別參數;伺服端存取介面,用以提供該認證平台輸入該識別參數以使該認證平台由該用戶端裝置擷取該加密檔,俾該認證平台將該加密檔解密並取出該帳號資料以確認該使用者的身份;以及用戶端存取介面,用以於該用戶端裝置請求該網路服務平台提供特定服務時,提供該使用者輸入該識別碼,於該識別碼確認無誤後將該加密檔傳予該認證平台進行解密以對該使用者進行身份確認。A website user identity authentication system is applied to a network system, and the website user identity authentication system comprises: a client device; and a network service platform, the network device is connected to the client device to provide a network The service device is provided to the client device; and the authentication platform connects the client device and the network service platform through the network system, so that when the client device logs in to the network service platform, the authentication platform is The client device performs login authentication, wherein the client device includes: a user input interface, configured to provide a user input account data, to transmit the account data to the authentication platform for initial authentication, and after the initial authentication Providing the user input identification code; the data encryption module is configured to form an encrypted file of the account data and the identification code input by the user and stored in the user device; and the public information interface is used to log in to the user device Providing the public information of the user terminal to the authentication platform when the network service platform is used for login authentication by the authentication platform The identification parameter is calculated by the authentication platform through a preset rule; the server access interface is configured to provide the authentication platform to input the identification parameter, so that the authentication platform captures the encrypted file by the user device, and the authentication The platform decrypts the encrypted file and retrieves the account data to confirm the identity of the user; and the client access interface is configured to provide the user input when the client device requests the network service platform to provide a specific service. The identification code is transmitted to the authentication platform for decryption after the identification code is confirmed to be confirmed by the user. 如申請專利範圍第1項之網站使用者身分認證系統,其中,該認證平台復包括:連線單元,係透過該網路系統與該用戶端裝置及該網路服務平台進行連結以傳遞資料;應用管理單元,係用以擷取該公開資訊、帳號資料、服務資料、識別碼或加密檔;以及資料庫單元,係用以儲存該用戶端裝置預先設定之身份資訊,以將該身份資訊與該應用管理單元所擷取之公開資訊、帳號資料、服務資料、識別碼或加密檔進行比對。The website user identity authentication system of claim 1, wherein the authentication platform comprises: a connection unit, wherein the network device is connected to the client device and the network service platform to transmit data; The application management unit is configured to retrieve the public information, the account information, the service data, the identification code or the encrypted file; and the database unit is configured to store the identity information pre-set by the client device to use the identity information to The public information, account data, service data, identification code or encrypted file captured by the application management unit are compared. 如申請專利範圍第2項之網站使用者身分認證系統,其中,儲存於該資料庫單元之身份資料為該用戶端裝置之身分資料、身分識別碼、消費密碼、親子鎖、該網路服務平台之帳號密碼及/或特定之網站服務內容。For example, the website user identity authentication system of claim 2, wherein the identity data stored in the database unit is the identity data of the client device, the identity identifier, the consumption password, the parent-child lock, and the network service platform. Account password and / or specific website service content. 如申請專利範圍第1項之網站使用者身分認證系統,其中,該用戶端裝置為桌上型電腦、筆記型電腦、個人數位助理及/或行動電話。For example, the website user identity authentication system of claim 1 is wherein the client device is a desktop computer, a notebook computer, a personal digital assistant, and/or a mobile phone. 如申請專利範圍第1項之網站使用者身分認證系統,其中,該網路系統為網際網路、組織內網路系統、組織間網路系統、區域網路系統、廣域網路系統及/或虛擬私人網路系統。For example, the website user identity authentication system of Patent Application No. 1, wherein the network system is an internet network, an intra-organizational network system, an inter-organizational network system, a regional network system, a wide area network system, and/or a virtual system. Private network system. 如申請專利範圍第1項之網站使用者身分認證系統,其中,該網路服務平台為影音服務網站、拍賣網站、電信服務網站及/或金融服務網站。For example, the website user identity authentication system of claim 1 is the audio-visual service website, the auction website, the telecommunication service website and/or the financial service website. 如申請專利範圍第1項之網站使用者身分認證系統,其中,該資料加密模組為資料加密軟體。For example, the website user identity authentication system of claim 1 of the patent scope, wherein the data encryption module is data encryption software. 一種網站使用者身分認證方法,係應用於網路系統中,該網站使用者身分認證方法包括:(1)將帳號資料輸入用戶端裝置之用戶端輸入介面,以將該帳號資料傳予認證平台進行初始認證,並於通過初始認證後再輸入識別碼;(2)將所輸入的帳號資料與識別碼形成加密檔並儲存於用戶端裝置;(3)於該用戶端裝置登入至網路服務平台而由認證平台進行登入認證時,將該用戶端裝置之公開資訊傳予該認證平台,以由該認證平台透過預設之規則計算出識別參數;(4)將該識別參數輸入該用戶端裝置之伺服端存取介面以使該認證平台由該用戶端裝置擷取該加密檔,俾該認證平台將該加密檔解密並取出該帳號資料以確認該使用者的身份;以及(5)於該用戶端裝置請求該網路服務平台提供特定服務時,將該識別碼輸入該用戶端裝置之用戶端存取介面,於該識別碼確認無誤後將該加密檔傳予該認證平台進行解密以對該使用者進行身份確認。A website user identity authentication method is applied to a network system. The user identity authentication method of the website includes: (1) inputting account data into a user input interface of the user device to transmit the account data to the authentication platform. Perform initial authentication, and then input the identification code after the initial authentication; (2) form the encrypted account file and the identification code into the client device; (3) log in to the network service at the user device. When the platform is authenticated by the authentication platform, the public information of the client device is transmitted to the authentication platform, so that the authentication platform calculates the identification parameter through the preset rule; (4) input the identification parameter into the user terminal. a server access interface of the device, such that the authentication platform retrieves the encrypted file by the client device, the authentication platform decrypts the encrypted file and retrieves the account data to confirm the identity of the user; and (5) When the client device requests the network service platform to provide a specific service, the identifier is input into the client access interface of the client device, and the identifier is confirmed. Pass the encrypted file to decrypt the authentication platform for identification of the user. 如申請專利範圍第8項之網站使用者身分認證方法,其中,於該用戶端裝置安裝資料加密軟體,用以進行資料加密。For example, the method for authenticating a user identity of a website in the scope of claim 8 includes installing data encryption software on the client device for data encryption. 如申請專利範圍第8項之網站使用者身分認證方法,其中,該認證平台具有資料庫模組,用以儲存該用戶端裝置預先設定之身份資料,該身份資料為該用戶端裝置之身分資料、身分識別碼、消費密碼、親子鎖、該網路服務平台之帳號密碼及/或特定之網站服務內容。For example, the method for authenticating a user identity of a website in the scope of the patent application, wherein the authentication platform has a database module for storing the identity data preset by the client device, and the identity data is the identity data of the user device. , identity code, consumer password, parent-child lock, account password of the web service platform and / or specific website service content. 如申請專利範圍第8項之網站使用者身分認證方法,其中,該用戶端裝置對於同一網路服務平台的多種服務內容設定對應之複數個識別碼。For example, in the website user identity authentication method of claim 8, wherein the client device sets a plurality of identification codes corresponding to the plurality of service contents of the same network service platform. 如申請專利範圍第8項之網站使用者身分認證方法,其中,該用戶端裝置為桌上型電腦、筆記型電腦、個人數位助理及/或行動電話。For example, the method for authenticating a website user identity according to claim 8 of the patent scope, wherein the client device is a desktop computer, a notebook computer, a personal digital assistant, and/or a mobile phone. 如申請專利範圍第8項之網站使用者身分認證方法,其中,該網路系統為網際網路、組織內網路系統、組織間網路系統、區域網路系統、廣域網路系統及/或虛擬私人網路系統。For example, the method for authenticating a website user identity in claim 8 wherein the network system is an internet network, an intra-organizational network system, an inter-organizational network system, a regional network system, a wide area network system, and/or a virtual system. Private network system. 如申請專利範圍第8項之網站使用者身分認證方法,其中,該網路服務平台為影音服務網站、拍賣網站電信服務網站及/或金融服務網站。For example, the method for authenticating a user identity of a website in the scope of claim 8 is wherein the online service platform is an audio-visual service website, an auction website, a telecommunications service website, and/or a financial service website.
TW98109847A 2009-03-26 2009-03-26 System and method for verifying the identity of web site users TWI407751B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW98109847A TWI407751B (en) 2009-03-26 2009-03-26 System and method for verifying the identity of web site users

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW98109847A TWI407751B (en) 2009-03-26 2009-03-26 System and method for verifying the identity of web site users

Publications (2)

Publication Number Publication Date
TW201036397A TW201036397A (en) 2010-10-01
TWI407751B true TWI407751B (en) 2013-09-01

Family

ID=44856228

Family Applications (1)

Application Number Title Priority Date Filing Date
TW98109847A TWI407751B (en) 2009-03-26 2009-03-26 System and method for verifying the identity of web site users

Country Status (1)

Country Link
TW (1) TWI407751B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI465094B (en) * 2011-04-26 2014-12-11 Telepaq Technology Inc User identification methods and systems for Internet transactions
TWI465095B (en) * 2011-05-19 2014-12-11 Telepaq Technology Inc User identification methods and systems for Internet transactions
TWI621027B (en) * 2016-08-30 2018-04-11 富邦人壽保險股份有限公司 Information service system and login method thereof

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030105966A1 (en) * 2001-05-02 2003-06-05 Eric Pu Authentication server using multiple metrics for identity verification
US20070044146A1 (en) * 2003-08-11 2007-02-22 Sony Corporation Authentication method, authentication system, and authentication server
US20080109371A1 (en) * 2002-06-10 2008-05-08 Ken Sakamura Ic card and authentication method in electronic ticket distribution system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030105966A1 (en) * 2001-05-02 2003-06-05 Eric Pu Authentication server using multiple metrics for identity verification
US20080109371A1 (en) * 2002-06-10 2008-05-08 Ken Sakamura Ic card and authentication method in electronic ticket distribution system
US20070044146A1 (en) * 2003-08-11 2007-02-22 Sony Corporation Authentication method, authentication system, and authentication server

Also Published As

Publication number Publication date
TW201036397A (en) 2010-10-01

Similar Documents

Publication Publication Date Title
US10491379B2 (en) System, device, and method of secure entry and handling of passwords
US10616222B2 (en) Authenticator centralization and protection based on authenticator type and authentication policy
CA2786271C (en) Anytime validation for verification tokens
CN102176225B (en) Mass storage device with automated credentials loading
CN103380592B (en) Method, server and system for personal authentication
CN104283686A (en) Digital right management method and system
Park et al. Analysis of authentication methods for smartphone banking service using ANP
Chen et al. A novel DRM scheme for accommodating expectations of personal use
US11301862B2 (en) Secure transfer of tokens between devices
TWI407751B (en) System and method for verifying the identity of web site users
US10938808B2 (en) Account access
CN101860524A (en) Website user identity authentication system and method
JP2005519364A (en) System and method for granting network service, right exercise system and computer execution method
Thawre et al. Use cases of authentication protocols in the context of digital payment system
KR101936941B1 (en) Electronic approval system, method, and program using biometric authentication
TWI296769B (en)
AU2015200701B2 (en) Anytime validation for verification tokens
US20230066582A1 (en) Threshold multi-party computation with must-have member
Khan et al. Design and Implementation of a Secure and Distributed Electronic Voucher Management System
US20230316270A1 (en) Apparatus, system and method for on-device mutlifactor authentication security
Singh et al. Towards a Two Factor Authentication Method Using Zero-Knowledge Protocol in Online Banking Services
KR20090094717A (en) System and Method for Transferring Certificate and Program Recording Medium
JP2009104615A (en) Computer execution method and system for exercising rights

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees